小论坛地址: http://rayyu.5d6d.com/thread-9444-1-1.html

正文:


首先 session 和 cache 拥有各自的优势而存在.  他们的优劣就不在这里讨论了.

本实例仅存储用户id于用户名,对于多级权限的架构,可以自行修改增加权限字段


本实例采用vs2010编写,vb和c#的代码都是经过测试的;一些童鞋说代码有问题的 注意下   

什么? 你还在用vs2008 vs2005? 请自行重载 带有 optional 标致的函数


童鞋们提到的 密码修改后 要失效的问题 当时没有想到 个人认为 大致方向可以》

》1. 每个用户生成1个xml 里面保存随机的几个字符 或者修改密码的时间戳也行 

》2. 这个文件在用户刚注册 或修改密码时候生成写入; 写入的同时需要更新当前用户的cookie 否则当前用户也会失效

》3. 在本实例的基础上 加1个字段 内容为 1中的若干字符 本实例在cookie写入15分钟后才会重新写入新的cookie;可以在重新写入cookie前 比对这几个若干字符是否匹配 用 StreamReader 即可

》4. 以上不知 大家看懂了没有呢

以下类实现了 使用加密cookie代替session验证用户登录状态 支持 1小时/1周 有效期2种模式 (期间有新的请求则更新失效时间)

项目源码下载地址 http://www.370b.com/bbsx/cookie-login/cookie.rar

csdn下载地址 http://download.csdn.net/detail/rayyu1989/4265766

在自定义字符 CustomCode 不被知道的情况下 该加密过程是相对安全的.
你还可以更改其中 的 2处MD5哈希值 生成的方式、DEChar(ENChar)混淆字符 让代码更与众不同

欢迎大家拍砖

加密后的cookie值枚举:

n=rayyu_EJPSiju2JJNeh5&u=VWpc9dv5v8e4APbbhJmSP+yifwZNEcyRy6V/RwzqV2pmo+x6hNLHI/pLlzl8+KgdWpMHtTTOYpGMe3tCrAIKkmeCrKG7BpSVUYF0piopz757NPb43Z4ehA==&i=56-76-68-35-4A-37-57-35

n=rayyu_P5O7ouiq5JVaMf&u=gWz/itCIlbupWCv7iziBuYCwT1SF4+IbyFbwa5Hmm+up4iuCxKMCl24+bLRb0Y/6RMyfzcpuJwu8gT/Yqg1UV1bd9UqgQYzrLdibP9zaXkYjYyT56gkCBg==&i=5B-65-54-34-6G-35-4C-45

n=rayyu_bNJuGxps3Kqtxl&u=kUorl6z713eYdjkhRidocZKHMh2Mw6j5LowmevsWiKZsn81dzlsPcH4fp1VJsi2dtObeYvMJTCybLrv45TsdLIT7nhZcQJdxKGn1oaK/7a3Ldfte6zoQqg==&i=4H-5B-53-6A-6H-75-32-4H

n=rayyu_TF0hpOgdGhliK8&u=1O9Zi4V9Qj2HH63dEfXaLaoj3X6ea9azIBjuLjFBJqhiTQefz2x161IIDpWaviJr1TTECBdb4NCIiFOEsEY9C4gl+/Equjc7tGpO12ixEkZz70bMg48M9w==&i=4H-4E-65-68-35-7A-5B-35

n= rayyu_9INryZvNo1pCKm&u=wQgRgtf+uy9jKQXJhr7DerZtFeYmm2Lx10Asgf52HTzkar9iHXkVaJJqHtwWA9K635QU4bGLYZPWl3nj0rxOhOe93ew+bIAR8FWr2zPwvfZ++TwB3670LQ==&i=4F-37-6F-75-6A-71-35-4H

客户端可以获取cookie的 n值 来简单判断是否登录 n为用户名,配合静态页和缓存 动态显示登录状态

VB.NET调用: (Rayyu 是 namespace)

Dim user As New Rayyu.User() '初始化用户信息(检测当前请求用户是否登录)
If user.Online Then
Response.Write("<br />name:" & user.Name & ",online:" & user.Online & ",id:" & user.ID)
End IfDim user2 As New Rayyu.User(1, "用户名", False) '初始化(写入新用户)

C#调用:(Rayyu 是 namespace)

Rayyu.User user = new Rayyu.User();// 初始化用户信息(检测当前请求用户是否登录)Rayyu.User user2 = new Rayyu.User(1, "用户名", false);// 初始化(写入新用户) false 表示1小时  true表示1周if (user.Online){Response.Write("<br />name:" + user.Name + ",online:" + user.Online + ",id:" + user.Id);}

VB.NET 源代码:

Imports System.Web
Imports System.Text.RegularExpressions
Imports System.Text
Imports System.Security.Cryptography''' <summary>''' 用户登录机制 支持1小时/1周状态''' </summary>''' <remarks></remarks>Public Class User
#Region "自定义参数"''' <summary>''' 自定义字符 用于第一层加解密密匙''' </summary>''' <remarks></remarks>Private Const CustomCode As String = "QQ:867863456"''' <summary>''' cookie名''' </summary>''' <remarks></remarks>Private Const CookieName As String = "userinfo"''' <summary>''' Cookie作用域''' </summary>''' <remarks></remarks>Private Const CookieDomain As String = ".370b.com"''' <summary>''' 编码''' </summary>''' <remarks></remarks>Private Shared Encoder As Encoding = Encoding.UTF8''' <summary>''' 用户名的正则检测 我的是:首位由字母或者汉字构成,由字母、数字、下划线、和汉字的 2-20位的字符 组合而成 的''' </summary>''' <remarks></remarks>Private Const RegexUserName As String = "[a-zA-Z\u4e00-\u9fa5][\w\u4e00-\u9fa5]{1,19}"''' <summary>''' 区域化信息设置''' </summary>''' <remarks></remarks>Private Shared ReadOnly Format As Globalization.CultureInfo = New System.Globalization.CultureInfo("zh-CN", True)
#End Region
#Region "回调参数"''' <summary>''' 是否在线''' </summary>''' <remarks></remarks>Public ReadOnly Property Online As BooleanGetReturn _OnlineEnd GetEnd PropertyPrivate _Online As Boolean = False''' <summary>''' 用户ID (Online=true情况下使用)''' </summary>''' <remarks></remarks>Public ReadOnly Property Id As IntegerGetReturn _IdEnd GetEnd PropertyPrivate _Id As Integer''' <summary>''' 用户名 (Online=true情况下使用)''' </summary>''' <remarks></remarks>Public ReadOnly Property Name As StringGetReturn _NameEnd GetEnd PropertyPrivate _Name As String''' <summary>''' 有效期是否为7天''' </summary>''' <remarks></remarks>Public ReadOnly Property IsWeek As BooleanGetReturn _IsWeekEnd GetEnd PropertyPrivate ReadOnly _IsWeek As Boolean
#End Region''' <summary>''' 初始化用户信息(检测当前请求用户是否登录)''' </summary>''' <remarks></remarks>Public Sub New()'读取cookieDim cookie As HttpCookie = HttpContext.Current.Request.Cookies(CookieName)If cookie IsNot Nothing Then'存在cookieDim value As String = cookie.Values("u"), key As String = cookie.Values("i"), tname As String = cookie.Values("n")cookie = NothingIf tname IsNot Nothing AndAlso value IsNot Nothing AndAlso key IsNot Nothing AndAlso Regex.IsMatch(key, "^[1-8A-H]{2}(-[1-8A-H]{2}){7}$", Text.RegularExpressions.RegexOptions.None) Then'存在对应键值Dim keybyte As Byte() = toByte(DEChar(key)) '解密密匙的后8位字节 由参数i构成If keybyte IsNot Nothing ThenDim autocode() As Byte '解密密匙的前16位字节 由用户UserAgent,用户名,自定义字符 组合而成 的 md5 Using m As New System.Security.Cryptography.MD5CryptoServiceProvider()autocode = m.ComputeHash(Encoder.GetBytes(String.Format(Format, "{0}_{2}_{1}", HttpContext.Current.Request.UserAgent, tname, CustomCode)))m.Clear()End UsingDim keyboard() As Byte = New Byte(keybyte.Length + autocode.Length - 1) {}autocode.CopyTo(keyboard, 0)keybyte.CopyTo(keyboard, autocode.Length)value = DesDecrypt(value, keyboard)If value.Length > 0 Then'解密成功 第一层合法Dim values As Match = Regex.Match(value, "^(?<md5>[\w]{32})(?<isweek>[01])(?<id>[\d]{1,10})(?<name>" & RegexUserName & ")\|(?<exp>[\d]{1,19})$")If values.Success ThenDim LostDateTime As LongIf Integer.TryParse(values.Groups("id").Value, Me._Id) AndAlso Me._Id > 0 AndAlso Long.TryParse(values.Groups("exp").Value, LostDateTime) AndAlso LostDateTime > 0 Then'解密后的字符串格式正确Me._IsWeek = (values.Groups("isweek").Value = "1")'此md5用于验证解密后的字符串 由用户id,用户名,cookie写入时间,自定义字符串 以及有效期是否是1周 组合Dim md5 As String = MD5Public(String.Format(Format, "{0}{5}{1}{2}:rayyu.{3};{4}", values.Groups("id").Value, values.Groups("exp").Value, values.Groups("name").Value, CookieDomain, IsWeek, CustomCode))If md5 = values.Groups("md5").Value Then'md5正常Dim lostdate As Double = (Now - New DateTime(LostDateTime)).TotalMinutesDim l_a As IntegerIf IsWeek Thenl_a = 10080Elsel_a = 60End IfIf lostdate > 0 AndAlso lostdate < l_a Then'cookie在有效期内Me._Name = values.Groups("name").ValueMe._Online = TrueIf lostdate > 15 Then'cookie以写入超过15分钟,从新写入1次cookieSetUser(Me._Id, Me._Name, Me._IsWeek, autocode)End IfEnd IfElseMe._Id = 0Me._Name = NothingEnd IfEnd IfEnd IfEnd IfEnd IfEnd IfEnd IfEnd Sub''' <summary>''' 初始化(写入新用户)''' </summary>''' <param name="userid">用户id</param>''' <param name="username">用户名</param>''' <param name="isweek">是否保持一周登录状态</param>''' <remarks></remarks>Public Sub New(ByVal userId As Integer, ByVal userName As String, ByVal isWeek As Boolean)SetUser(userId, userName, isWeek)Me._ID = userIdMe._Name = userNameMe._IsWeek = isWeekMe._Online = TrueEnd Sub''' <summary>''' 写入用户''' </summary>''' <param name="userid">用户id</param>''' <param name="username">用户名</param>''' <param name="isweek">是否保持一周登录状态</param>''' <param name="autocode"></param>''' <remarks></remarks>Private Shared Sub SetUser(ByVal userid As Integer, ByVal username As String, ByVal isweek As Boolean, Optional ByVal autocode As Byte() = Nothing)If autocode Is Nothing Then'解密密匙的前16位字节 由用户UserAgent,用户名,自定义字符 组合而成 的 md5 Using m As New System.Security.Cryptography.MD5CryptoServiceProvider()autocode = m.ComputeHash(Encoder.GetBytes(String.Format(Format, "{0}_{2}_{1}", HttpContext.Current.Request.UserAgent, username, CustomCode)))End UsingEnd IfDim expires As DateTimeDim isweekint As CharIf isweek Thenexpires = Now.AddDays(7)isweekint = "1"Elseexpires = Now.AddHours(1)isweekint = "0"End If'解密密匙的后8位字节 随机生成参数iDim rbyte() As Byte = Encoder.GetBytes(RandomCode(8))Dim keyboard() As Byte = New Byte(23) {}autocode.CopyTo(keyboard, 0)'组合密匙 长度为24位rbyte.CopyTo(keyboard, autocode.Length)autocode = NothingDim exp As String = Now.Ticks.ToString("D", Format)'加密字符串Dim value As String = DesEncrypt(String.Format(Format, "{4}{0}{1}{2}|{3}", isweekint, userid, username, exp, MD5Public(String.Format(Format, "{0}{5}{1}{2}:rayyu.{3};{4}", userid, exp, username, CookieDomain, isweek, CustomCode))), keyboard)keyboard = NothingDim key As String = ENChar(System.BitConverter.ToString(rbyte)) '混淆参数irbyte = Nothing'写入cookieDim cookie As New HttpCookie(CookieName)cookie.Values.Add("n", username)cookie.Values.Add("u", value)cookie.Values.Add("i", key)cookie.Path = "/"cookie.Expires = expirescookie.Domain = CookieDomainHttpContext.Current.Response.Cookies.Set(cookie)End Sub''' <summary>''' TripleDESC解密''' </summary>''' <param name="strText">待解密字符串</param>''' <param name="key">密匙</param>''' <returns></returns>''' <remarks></remarks>Protected Friend Shared Function DesDecrypt(ByVal strText As String, ByVal key As Byte()) As StringTryUsing provider As New System.Security.Cryptography.TripleDESCryptoServiceProvider()provider.Key = keyprovider.Mode = System.Security.Cryptography.CipherMode.ECBDim inputBuffer As Byte() = Convert.FromBase64String(strText)Return Encoder.GetString(provider.CreateDecryptor().TransformFinalBlock(inputBuffer, 0, inputBuffer.Length)).TrimEnd UsingCatch ex As CryptographicExceptionReturn String.EmptyCatch ex As ArgumentNullExceptionReturn String.EmptyCatch ex As DecoderFallbackExceptionReturn String.EmptyCatch ex As ArgumentExceptionReturn String.EmptyCatch ex As FormatExceptionReturn String.EmptyEnd TryEnd Function''' <summary>''' TripleDESC加密''' </summary>''' <param name="strText">待加密字符串</param>''' <param name="key">密匙</param>''' <returns></returns>''' <remarks></remarks>Protected Friend Shared Function DesEncrypt(ByVal strText As String, ByVal key As Byte()) As StringTryUsing provider As New System.Security.Cryptography.TripleDESCryptoServiceProvider()provider.Key = keyprovider.Mode = System.Security.Cryptography.CipherMode.ECBDim bytes As Byte() = Encoder.GetBytes(strText)Return Convert.ToBase64String(provider.CreateEncryptor().TransformFinalBlock(bytes, 0, bytes.Length))End UsingCatch ex As CryptographicExceptionReturn String.EmptyCatch ex As ArgumentNullExceptionReturn String.EmptyCatch ex As DecoderFallbackExceptionReturn String.EmptyCatch ex As ArgumentExceptionReturn String.EmptyCatch ex As FormatExceptionReturn String.EmptyEnd TryEnd Function''' <summary>''' md5加密''' </summary>''' <param name="str">待加密字符串</param>''' <returns>返回加密后字符串</returns>''' <remarks></remarks>Private Shared Function MD5Public(ByVal str As String) As StringDim returnx As String = "0000000000000000"If str IsNot Nothing AndAlso str IsNot String.Empty ThenTryUsing m As New System.Security.Cryptography.MD5CryptoServiceProvider()Dim MDByte As Byte() = m.ComputeHash(Encoder.GetBytes(str))returnx = Strings.Replace(System.BitConverter.ToString(MDByte), "-", "")m.Clear()End UsingCatch ex As ObjectDisposedExceptionreturnx = "0000000000000000"Catch ex As ArgumentOutOfRangeExceptionreturnx = "0000000000000003"Catch ex As ArgumentNullExceptionreturnx = "0000000000000001"Catch ex As EncoderFallbackExceptionreturnx = "0000000000000001"Catch ex As InvalidOperationExceptionreturnx = "0000000000000002"End TryEnd IfReturn returnxEnd Function''' <summary>''' 随机数''' </summary>''' <remarks></remarks>Private Shared Randoms As New Random''' <summary>''' 随机字符集合''' </summary>''' <remarks></remarks>Private Shared xarrChar() As Char = New Char() {"0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z"}''' <summary>''' 生成随机数''' </summary>''' <returns></returns>''' <remarks></remarks>Public Shared Function RandomCode(ByVal length As Integer) As StringDim str As String = ""Dim mlength As Integer = xarrChar.LengthFor i As Integer = 0 To length - 1str &= xarrChar(Randoms.Next(0, mlength))NextReturn strEnd Function''' <summary>''' 16进制字符串转Byte数组''' </summary>''' <param name="value"></param>''' <returns></returns>''' <remarks></remarks>Private Shared Function toByte(ByVal value As String) As Byte()TryDim chars As String() = value.Split("-")Dim length As Integer = chars.Length - 1Dim byte_() As Byte = New Byte(length) {}For i As Integer = 0 To lengthbyte_(i) = Convert.ToByte(chars(i), 16)NextReturn byte_Catch ex As ArgumentExceptionReturn NothingCatch ex As FormatExceptionReturn NothingCatch ex As OverflowExceptionReturn NothingEnd TryEnd Function''' <summary>''' TripleDESC-部分密匙 字符混淆 如果要修改下面的字符 请注意修改上面的正则''' </summary>''' <param name="value"></param>''' <returns></returns>''' <remarks></remarks>Private Shared Function ENChar(ByVal value As String) As Stringvalue = Strings.Replace(value, "A", "H")value = Strings.Replace(value, "B", "G")value = Strings.Replace(value, "0", "B")value = Strings.Replace(value, "9", "A")Return valueEnd Function''' <summary>''' TripleDESC-部分密匙 字符反混淆 如果要修改下面的字符 请注意修改上面的正则''' </summary>''' <param name="value"></param>''' <returns></returns>''' <remarks></remarks>Private Shared Function DEChar(ByVal value As String) As Stringvalue = Strings.Replace(value, "A", "9")value = Strings.Replace(value, "B", "0")value = Strings.Replace(value, "G", "B")value = Strings.Replace(value, "H", "A")Return valueEnd FunctionEnd Class

C#源代码:

using System;
using System.Web;
using System.Text.RegularExpressions;
using System.Text;
using System.Security.Cryptography;
namespace Rayyu{/// <summary>/// 用户登录机制 支持1小时/1周状态/// </summary>/// <remarks></remarks>public class User{#region "自定义参数"/// <summary>/// 自定义字符 用于第一层加解密密匙/// </summary>/// <remarks></remarks>private const string CustomCode = "QQ:867863456";/// <summary>/// cookie名/// </summary>/// <remarks></remarks>private const string CookieName = "userinfo";/// <summary>/// Cookie作用域/// </summary>/// <remarks></remarks>private const string CookieDomain = ".370b.com";/// <summary>/// 编码/// </summary>/// <remarks></remarks>private static Encoding Encoder = Encoding.UTF8;/// <summary>/// 用户名的正则检测 我的是:首位由字母或者汉字构成,由字母、数字、下划线、和汉字的 2-20位的字符 组合而成 的/// </summary>/// <remarks></remarks>private const string RegexUserName = "[a-zA-Z\\u4e00-\\u9fa5][\\w\\u4e00-\\u9fa5]{1,19}";/// <summary>/// 区域化信息设置/// </summary>/// <remarks></remarks>private static System.Globalization.CultureInfo Format = new System.Globalization.CultureInfo("zh-CN", true);#endregion        #region "回调参数"/// <summary>/// 是否在线/// </summary>/// <remarks></remarks>public  bool Online{get { return _Online; }}private  bool _Online = false;/// <summary>/// 用户ID (Online=true情况下使用)/// </summary>/// <remarks></remarks>public  int Id{get { return _Id; }}private int _Id;/// <summary>/// 用户名 (Online=true情况下使用)/// </summary>/// <remarks></remarks>public  string Name{get { return _Name; }}private string _Name;/// <summary>/// 有效期是否为7天/// </summary>/// <remarks></remarks>public bool IsWeek{get { return _isWeek; }}private bool _isWeek;#endregion/// <summary>/// 初始化用户信息(检测当前请求用户是否登录)/// </summary>/// <remarks></remarks>public User(){//读取cookieHttpCookie cookie = HttpContext.Current.Request.Cookies[CookieName];if (cookie != null){//存在cookiestring value = cookie.Values["u"];string key = cookie.Values["i"];string tname = cookie.Values["n"];cookie = null;                if (tname != null && value != null && key != null && Regex.IsMatch(key, "^[1-8A-H]{2}(-[1-8A-H]{2}){7}$", System.Text.RegularExpressions.RegexOptions.None)){//存在对应键值byte[] keybyte = toByte(DEChar(key));//解密密匙的后8位字节 由参数i构成                    if (keybyte != null){                        byte[] autocode;//解密密匙的前16位字节 由用户UserAgent,用户名,自定义字符 组合而成 的 md5 using (System.Security.Cryptography.MD5CryptoServiceProvider m = new System.Security.Cryptography.MD5CryptoServiceProvider()){autocode = m.ComputeHash(Encoder.GetBytes(string.Format(Format, "{0}_{2}_{1}", HttpContext.Current.Request.UserAgent, tname, CustomCode)));}byte[] keyboard = new byte[keybyte.Length + autocode.Length];autocode.CopyTo(keyboard, 0);keybyte.CopyTo(keyboard, autocode.Length);value = DesDecrypt(value, keyboard);if (value.Length > 0){//解密成功 第一层合法Match values = Regex.Match(value, "^(?<md5>[\\w]{32})(?<isweek>[01])(?<id>[\\d]{1,10})(?<name>" + RegexUserName + ")\\|(?<exp>[\\d]{1,19})$");if (values.Success){long LostDateTime = 0;if (int.TryParse(values.Groups["id"].Value, out this._Id) && this._Id > 0 && long.TryParse(values.Groups["exp"].Value, out LostDateTime) && LostDateTime > 0){//解密后的字符串格式正确this._isWeek = (values.Groups["isweek"].Value == "1");//此md5用于验证解密后的字符串 由用户id,用户名,cookie写入时间,自定义字符串 以及有效期是否是1周 组合string md5 = MD5Public(string.Format(Format, "{0}{5}{1}{2}:rayyu.{3};{4}", values.Groups["id"].Value, values.Groups["exp"].Value, values.Groups["name"].Value, CookieDomain, _isWeek, CustomCode));if (md5 == values.Groups["md5"].Value){//md5正常double lostdate = (DateTime.Now - new DateTime(LostDateTime)).TotalMinutes;int l_a = 0;if (_isWeek){l_a = 10080;}else{l_a = 60;}if (lostdate > 0 && lostdate < l_a){//cookie在有效期内this._Name = values.Groups["name"].Value;this._Online = true;if (lostdate > 15){//cookie以写入超过15分钟,从新写入1次cookieSetUser(this._Id, this._Name, this._isWeek, autocode);}}}else{this._Id = 0;this._Name = null;}}}}}}}}/// <summary>/// 初始化(写入新用户)/// </summary>/// <param name="userid">用户id</param>/// <param name="username">用户名</param>/// <param name="isweek">是否保持一周登录状态</param>/// <remarks></remarks>public User(int userId, string userName, bool isWeek){SetUser(userId, userName, isWeek);this._Id = userId;this._Name = userName;this._isWeek = isWeek;this._Online = true;}/// <summary>/// 写入用户/// </summary>/// <param name="userid">用户id</param>/// <param name="username">用户名</param>/// <param name="isweek">是否保持一周登录状态</param>/// <param name="autocode"></param>/// <remarks></remarks>private static void SetUser(int userid, string username, bool isweek, byte[] autocode = null){if (autocode == null){//解密密匙的前16位字节 由用户UserAgent,用户名,自定义字符 组合而成 的 md5 using (System.Security.Cryptography.MD5CryptoServiceProvider m = new System.Security.Cryptography.MD5CryptoServiceProvider()){autocode = m.ComputeHash(Encoder.GetBytes(string.Format(Format,"{0}_{2}_{1}", HttpContext.Current.Request.UserAgent, username, CustomCode)));m.Clear();}}DateTime expires = default(DateTime);char isweekint;if (isweek){expires = DateTime.Now.AddDays(7);isweekint = '1';}else{expires = DateTime.Now.AddHours(1);isweekint = '0';}//解密密匙的后8位字节 随机生成参数ibyte[] rbyte = Encoder.GetBytes(RandomCode(8));byte[] keyboard = new byte[24];autocode.CopyTo(keyboard, 0);//组合密匙 长度为24位rbyte.CopyTo(keyboard, autocode.Length);autocode = null;string exp = DateTime.Now.Ticks.ToString("D", Format);//加密字符串string value = DesEncrypt(string.Format(Format, "{4}{0}{1}{2}|{3}", isweekint, userid, username, exp, MD5Public(string.Format(Format, "{0}{5}{1}{2}:rayyu.{3};{4}", userid, exp, username, CookieDomain, isweek, CustomCode))), keyboard);keyboard = null;string key = ENChar(System.BitConverter.ToString(rbyte));//混淆参数irbyte = null;//写入cookieHttpCookie cookie = new HttpCookie(CookieName);cookie.Values.Add("n", username);cookie.Values.Add("u", value);cookie.Values.Add("i", key);cookie.Path = "/";cookie.Expires = expires;cookie.Domain = CookieDomain;HttpContext.Current.Response.Cookies.Set(cookie);}/// <summary>/// TripleDESC解密/// </summary>/// <param name="strText">待解密字符串</param>/// <param name="key">密匙</param>/// <returns></returns>/// <remarks></remarks>protected static internal string DesDecrypt(string strText, byte[] key){try{using (System.Security.Cryptography.TripleDESCryptoServiceProvider provider = new System.Security.Cryptography.TripleDESCryptoServiceProvider()){provider.Key = key;provider.Mode = System.Security.Cryptography.CipherMode.ECB;byte[] inputBuffer = Convert.FromBase64String(strText);return Encoder.GetString(provider.CreateDecryptor().TransformFinalBlock(inputBuffer, 0, inputBuffer.Length)).Trim();}}catch(CryptographicException){return string.Empty;}catch(ArgumentNullException){return string.Empty;}catch(DecoderFallbackException){return string.Empty;}catch(ArgumentException){return string.Empty;}catch(FormatException){return string.Empty;}}/// <summary>/// TripleDESC加密/// </summary>/// <param name="strText">待加密字符串</param>/// <param name="key">密匙</param>/// <returns></returns>/// <remarks></remarks>protected static internal string DesEncrypt(string strText, byte[] key){try{using (System.Security.Cryptography.TripleDESCryptoServiceProvider provider = new System.Security.Cryptography.TripleDESCryptoServiceProvider()){provider.Key = key;provider.Mode = System.Security.Cryptography.CipherMode.ECB;byte[] bytes = Encoder.GetBytes(strText);return Convert.ToBase64String(provider.CreateEncryptor().TransformFinalBlock(bytes, 0, bytes.Length));}}catch (CryptographicException){return string.Empty;}catch (ArgumentNullException){return string.Empty;}catch (DecoderFallbackException){return string.Empty;}catch (ArgumentException){return string.Empty;}catch (FormatException){return string.Empty;}}/// <summary>/// md5加密/// </summary>/// <param name="str">待加密字符串</param>/// <returns>返回加密后字符串</returns>/// <remarks></remarks>private static string MD5Public(string str){using (System.Security.Cryptography.MD5CryptoServiceProvider m = new System.Security.Cryptography.MD5CryptoServiceProvider()){byte[] MDByte = m.ComputeHash(Encoder.GetBytes(str));return System.BitConverter.ToString(MDByte).Replace("-", "");}}/// <summary>/// 随机数/// </summary>/// <remarks></remarks>private static Random Randoms = new Random();/// <summary>/// 随机字符集合/// </summary>/// <remarks></remarks>private static char[] xarrChar = new char[] {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z'};/// <summary>/// 生成随机数/// </summary>/// <returns></returns>/// <remarks></remarks>public static string RandomCode(int length){string str = "";int mlength = xarrChar.Length;for (int i = 0; i < length; i++){str += xarrChar[Randoms.Next(0, mlength)];}return str;}/// <summary>/// 16进制字符串转Byte数组/// </summary>/// <param name="value"></param>/// <returns></returns>/// <remarks></remarks>private static byte[] toByte(string value){try{string[] chars = value.Split('-');int length = chars.Length;byte[] byte_ = new byte[length];for (int i = 0; i < length; i++){byte_[i] = Convert.ToByte(chars[i], 16);}return byte_;}catch (ArgumentException){return null;}catch (FormatException){return null;}catch (OverflowException){return null;}}/// <summary>/// TripleDESC-部分密匙 字符混淆 如果要修改下面的字符 请注意修改上面的正则/// </summary>/// <param name="value"></param>/// <returns></returns>/// <remarks></remarks>private static string ENChar(string value){value = value.Replace( "A", "H");value = value.Replace( "B", "G");value = value.Replace( "0", "B");value = value.Replace( "9", "A");return value;}/// <summary>/// TripleDESC-部分密匙 字符反混淆 如果要修改下面的字符 请注意修改上面的正则/// </summary>/// <param name="value"></param>/// <returns></returns>/// <remarks></remarks>private static string DEChar(string value){value = value.Replace( "A", "9");value = value.Replace( "B", "0");value = value.Replace( "G", "B");value = value.Replace( "H", "A");return value;}}
}

Asp.Net使用加密cookie代替session验证用户登录状态 源码分享 欢迎拍砖相关推荐

  1. JavaWeb中使用session保持用户登录状态

    使用session保持用户登录状态 // 登录 成功// 保存用户登录的信息到Session域中req.getSession().setAttribute("user", logi ...

  2. vue router.beforeEach跳转路由验证用户登录状态

    使用vue判断验证用户登录状态 导航钩子类似于生命周期钩子,包含路由进入前,进入后,更新时,退出前等几个周期,主要用于控制导航的前进后退或跳转等. 其中router.beforeEach就是路由进入前 ...

  3. Cookie和Session实现保存登录状态免登录

    Cookie 是服务器委托浏览器存储的一些数据,让服务器有了"记忆能力": 响应报文使用 Set-Cookie 字段发送"key=value"形式的 Cooki ...

  4. C#毕业设计——基于C#+asp.net+sqlserver的选课系统设计与实现(毕业论文+程序源码)——选课系统

    基于C#+asp.net+sqlserver的选课系统设计与实现(毕业论文+程序源码) 大家好,今天给大家介绍基于C#+asp.net+sqlserver的选课系统设计与实现,文章末尾附有本毕业设计的 ...

  5. MVC4验证用户登录特性实现方法

    在开发过程中,需要用户登陆才能访问指定的页面这种功能,微软已经提供了这个特性. // 摘要:// 表示一个特性,该特性用于限制调用方对操作方法的访问.[AttributeUsage(Attribute ...

  6. MVC4项目中验证用户登录一个特性就搞定

    在开发过程中,需要用户登陆才能访问指定的页面这种功能,微软已经提供了这个特性.// 摘要:// 表示一个特性,该特性用于限制调用方对操作方法的访问.[AttributeUsage(AttributeT ...

  7. ASP.NET MVC使用Authorize过滤器验证用户登录

    ASP.NET MVC使用Authorize过滤器验证用户登录.Authorize过滤器首先运行在任何其它过滤器或动作方法之前,主要用来做登录验证或者权限验证. 示例:使用Authorize过滤器实现 ...

  8. 在Forms验证模式下,实现多个站点(SubDomain相同)共享同一用户登录状态

    原文:http://caomao.cnblogs.com/archive/2005/07/05/186606.html 今天一早看了dudu关于二级域名Cookie的问题及解决方法,认为dudu的原理 ...

  9. asp毕业设计——基于asp+access的网上投票系统设计与实现(毕业论文+程序源码)——网上投票系统

    基于asp+access的网上投票系统设计与实现(毕业论文+程序源码) 大家好,今天给大家介绍基于asp+access的网上投票系统设计与实现,文章末尾附有本毕业设计的论文和源码下载地址哦. 文章目录 ...

最新文章

  1. 【优秀作业】粒子群算法
  2. 经struts2中的action后,jsp中css失效的问题
  3. 第三次学JAVA再学不好就吃翔(part65)--正则表达式
  4. mysql binlog oplog_mongodb 学习之oplog
  5. 「澳洋主数据项目」主数据促企业变革
  6. anaconda+cuda+cudnn+pytorch安装踩坑大全
  7. Java开发领域的大牛有哪些
  8. dbcc 删除日志_有用的DBCC日志命令
  9. 大数据的可视化:bigvis包的简单尝试
  10. html重复div绘制,[DIV+CSS]绘制2重交叉表_html/css_WEB-ITnose
  11. 目标检测(Object Detection)的整理
  12. vasp服务器中断,vasp优化结构没提示直接中断
  13. MATLAB中的norm函数
  14. arduino霍尔编码器蓝牙小车代码
  15. 电脑备份,电脑怎么备份系统?电脑备份系统的方法
  16. MySQL中的表中增加删除字段
  17. 两个整数之间的所有素数,素数个数,素数和
  18. Zookeeper的Watcher机制及Watcher原理分析
  19. 如何让梯形变成平行四边形_可以把梯形转化成平行四边形来算
  20. 微信第三方平台小程序平台设计

热门文章

  1. 关于Kubernetes 中通过 Kustomize 实现YAML资源文件组合与继承的一些笔记
  2. CentOS7编译安装keepalived实现自动漂移、高可用及开机启动
  3. 哈希记账小工具(wordpress、woocommerce、kafka、frp分布式集成)
  4. 【java毕业设计】基于javaEE+原生Servlet+MySql的Web停车场管理系统设计与实现(毕业论文+程序源码)——停车场管理系统
  5. Viewer.js Javascript/jQuery图片查看器
  6. Mrtg网络监控 实现步骤
  7. typescript object、Object及{}类型
  8. 卓懿9.0正式版来袭
  9. MAQ/BWA introduction by Li Heng
  10. 传出神经系统分为哪两类,传出神经的分类与功能